He is BobH, Finance Employee.

figures/intro.png

Violated the Office Policy

  • By falsifying and manipulating official records.
figures/sabotage.png

Caught by the Administration…

figures/got-fired.png

Got Fired from his Job..

figures/always.png

Filled with Rages.

  • Got anger.
  • Planned to sabatoge the Management.
figures/sabotage.png

Installing a WiFi AP near the office…

  • That has same SSID and Credentials as office device.
figures/Rogue-ap-install.png

If anyone get Connect,He got Access..

figures/control.png

Accessing Entire Network.

  • Even can control entire network.
figures/entire-network.png

Disclaimer

  • Educational Purpose only.
  • Please don’t use it anywhere.

Rogue AP attack

  • A type of Social Engineering.
  • Actions may involve planting unauthorized device inside the secured network.
  • Devices such as switches, Routers, WiFi AP.
figures/rogue-ap.jpg

figures/rogue-ap-car.jpg
  • It is rarely Noticable. So, Normal people can’t realize even if they used for this attack.
  • Like BobH did, Anyone can do this attack with ease.
  • In addition to that, Ther are many tools available for free.
  • Also, Some deploy ready equipments available online such as WiFi Pineapple

Tool

  • Evil-Twin Framework for Red Team
    • OpenSource
    • Written in python.
    • Used for WiFi Pentesting.
    • Able to to Packet sniffing (scapy), Packet injection, and Twin AP creation.
figures/EvilTwinFramework.jpg
  • It is so popular, that Rogue AP attack often refered as Evil-Twin Attack.

Prevention Tools

  • Snort 3 for Blue Team.
    • Opensource Intrution Prevention Software.
    • uses a series of rules that help define malicious network activity and Stop those packets.
    • Capable of real-time traffic analysis and packet logging.
figures/snort.jpg
  • Snort 3 IPS

Precaution & Safety

figures/free-wifi.jpg
  • Say “no” to public Wi-Fi.
  • Use VPN over a public Wi-Fi.
  • Encourage use of properly installed, configured and secured wireless LANs only.
  • Good think is some new device can tell apart Evil-Twins.

Thank you